本文整理汇总了Java中org.bouncycastle.asn1.DERSet类的典型用法代码示例。如果您正苦于以下问题:Java DERSet类的具体用法?Java DERSet怎么用?Java DERSet使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
DERSet类属于org.bouncycastle.asn1包,在下文中一共展示了DERSet类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: add
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
/**
* Return a new table with the passed in attribute added.
*
* @param attrType
* @param attrValue
* @return
*/
public AttributeTable add(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
{
AttributeTable newTable = new AttributeTable(attributes);
newTable.addAttribute(attrType, new Attribute(attrType, new DERSet(attrValue)));
return newTable;
}
示例2: buildSignedAttributes
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private static ASN1Set buildSignedAttributes(byte[] hash, Date dateTime, X509Certificate cert) throws Exception {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new Attribute(CMSAttributes.contentType, new DERSet(PKCSObjectIdentifiers.data)));
if (dateTime != null)
v.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(dateTime))));
v.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(hash))));
// CADES support section
ASN1EncodableVector aaV2 = new ASN1EncodableVector();
AlgorithmIdentifier algoId = new AlgorithmIdentifier(new ASN1ObjectIdentifier(CMSSignedDataGenerator.DIGEST_SHA256), null);
aaV2.add(algoId);
byte[] dig = SignUtils.calculateHASH(CMSSignedDataGenerator.DIGEST_SHA256, cert.getEncoded());
aaV2.add(new DEROctetString(dig));
Attribute cades = new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(new DERSequence(new DERSequence(new DERSequence(aaV2)))));
v.add(cades);
ASN1Set signedAttributes = new DERSet(v);
return signedAttributes;
}
示例3: buildUnauthenticatedAttributes
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
/**
* Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007
* to start with the timeStampToken (signedData 1.2.840.113549.1.7.2).
* Token is the TSA response without response status, which is usually
* handled by the (vendor supplied) TSA request/response interface).
* @param timeStampToken byte[] - time stamp token, DER encoded signedData
* @return ASN1EncodableVector
* @throws IOException
*/
private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] timeStampToken) throws IOException {
if (timeStampToken == null)
return null;
// @todo: move this together with the rest of the defintions
String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14"; // RFC 3161 id-aa-timeStampToken
ASN1InputStream tempstream = new ASN1InputStream(new ByteArrayInputStream(timeStampToken));
ASN1EncodableVector unauthAttributes = new ASN1EncodableVector();
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1ObjectIdentifier(ID_TIME_STAMP_TOKEN)); // id-aa-timeStampToken
ASN1Sequence seq = (ASN1Sequence) tempstream.readObject();
v.add(new DERSet(seq));
unauthAttributes.add(new DERSequence(v));
return unauthAttributes;
}
示例4: getValue
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
@Override
public Attribute getValue() throws SignerException {
try {
logger.info(cadesMessagesBundle.getString("info.tsa.connecting"));
if (timeStampGenerator != null) {
//Inicializa os valores para o timestmap
timeStampGenerator.initialize(content, privateKey, certificates, hash);
//Obtem o carimbo de tempo atraves do servidor TSA
byte[] response = timeStampGenerator.generateTimeStamp();
//Valida o carimbo de tempo gerado
timeStampGenerator.validateTimeStamp(content, response, hash);
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(ASN1Primitive.fromByteArray(response)));
} else {
throw new SignerException(cadesMessagesBundle.getString("error.tsa.not.found"));
}
} catch (SecurityException | IOException ex) {
}
throw new UnsupportedOperationException(cadesMessagesBundle.getString("error.not.supported",getClass().getName()));
}
示例5: getValue
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
@Override
public Attribute getValue() {
try {
X509Certificate cert = (X509Certificate) certificates[0];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_1);
byte[] hash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(cert.getSubjectDN().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serial = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serial);
ESSCertID essCertId = new ESSCertID(hash, issuerSerial);
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[]{new DERSequence(essCertId), new DERSequence(DERNull.INSTANCE)})));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
示例6: getValue
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
@Override
public Attribute getValue() throws SignerException {
try {
logger.info(cadesMessagesBundle.getString("info.tsa.connecting"));
if (timeStampGenerator != null) {
//Inicializa os valores para o timestmap
timeStampGenerator.initialize(content, privateKey, certificates, hash);
//Obtem o carimbo de tempo atraves do servidor TSA
byte[] response = timeStampGenerator.generateTimeStamp();
//Valida o carimbo de tempo gerado
timeStampGenerator.validateTimeStamp(content, response, hash);
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(ASN1Primitive.fromByteArray(response)));
} else {
throw new SignerException(cadesMessagesBundle.getString("error.tsa.not.found"));
}
} catch (SecurityException | IOException ex) {
throw new SignerException(ex.getMessage());
}
}
示例7: getValue
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);// SHA-256
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
// return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(
new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
示例8: addTimestamp
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private static CMSSignedData addTimestamp(String tsaUrl, CMSSignedData signedData) throws IOException {
Collection<SignerInformation> signerInfos = signedData.getSignerInfos().getSigners();
// get signature of first signer (should be the only one)
SignerInformation si = signerInfos.iterator().next();
byte[] signature = si.getSignature();
// send request to TSA
byte[] token = TimeStampingClient.getTimeStampToken(tsaUrl, signature, DigestType.SHA1);
// create new SignerInformation with TS attribute
Attribute tokenAttr = new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken,
new DERSet(ASN1Primitive.fromByteArray(token)));
ASN1EncodableVector timestampVector = new ASN1EncodableVector();
timestampVector.add(tokenAttr);
AttributeTable at = new AttributeTable(timestampVector);
si = SignerInformation.replaceUnsignedAttributes(si, at);
signerInfos.clear();
signerInfos.add(si);
SignerInformationStore newSignerStore = new SignerInformationStore(signerInfos);
// create new signed data
CMSSignedData newSignedData = CMSSignedData.replaceSigners(signedData, newSignerStore);
return newSignedData;
}
示例9: buildSignerInfo
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private void buildSignerInfo(DEREncodableVector body,
byte[] signedHashContent, X509Certificate certContent, int hashId)
throws Exception {
// ----- Signers Info --------
final DEREncodableVector vec = new DEREncodableVector();
final DEREncodableVector signerinfoVector = new DEREncodableVector();
signerinfoVector.add(new DERInteger(SI_VERSION));
signerinfoVector.add(siAddCert(certContent));
signerinfoVector.add(siAddDigestAlgorithm(getHashAlg(hashId)));
signerinfoVector
.add(siAddDigestEncryptionAlgorithm(getHashSignAlg(hashId)));
// Add the digest
signerinfoVector.add(new DEROctetString(signedHashContent));
final DERSequence siSeq = new DERSequence(signerinfoVector);
vec.add(siSeq);
DERSet siSet = new DERSet(vec);
body.add(siSet);
}
示例10: buildDigestAlg
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private void buildDigestAlg(final DEREncodableVector body,
List<String> listHashId) {
// ---------- algoritmos de digest
final DEREncodableVector algos = new DEREncodableVector();
for (String next : listHashId) {
algos.add(new DERObjectIdentifier(next)); // 4 OID
algos.add(new DERNull()); // 4 NULL
}
final DEREncodableVector algoSet = new DEREncodableVector();
algoSet.add(new DERSequence(algos));
final DERSet digestAlgorithms = new DERSet(algoSet); // 2
// SET
body.add(digestAlgorithms);
}
示例11: buildSignerInfo
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private void buildSignerInfo(ASN1EncodableVector body,
byte[] signedHashContent, X509Certificate certContent, int hashId)
throws Exception {
// ----- Signers Info --------
final ASN1EncodableVector vec = new ASN1EncodableVector();
final ASN1EncodableVector signerinfoVector = new ASN1EncodableVector();
signerinfoVector.add(new DERInteger(SI_VERSION));
signerinfoVector.add(siAddCert(certContent));
signerinfoVector.add(siAddDigestAlgorithm(getHashAlg(hashId)));
signerinfoVector
.add(siAddDigestEncryptionAlgorithm(getHashSignAlg(hashId)));
// Add the digest
signerinfoVector.add(new DEROctetString(signedHashContent));
final DERSequence siSeq = new DERSequence(signerinfoVector);
vec.add(siSeq);
DERSet siSet = new DERSet(vec);
body.add(siSet);
}
示例12: buildDigestAlg
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private void buildDigestAlg(final ASN1EncodableVector body,
List<String> listHashId) {
// ---------- algoritmos de digest
final ASN1EncodableVector algos = new ASN1EncodableVector();
for (String next : listHashId) {
algos.add(new DERObjectIdentifier(next)); // 4 OID
algos.add(new DERNull()); // 4 NULL
}
final ASN1EncodableVector algoSet = new ASN1EncodableVector();
algoSet.add(new DERSequence(algos));
final DERSet digestAlgorithms = new DERSet(algoSet); // 2
// SET
body.add(digestAlgorithms);
}
示例13: signTimeStamp
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
/**
* We are extending CMS Signature
*
* @param signer
* information about signer
* @return information about SignerInformation
*/
private SignerInformation signTimeStamp(SignerInformation signer) throws IOException, TSPException {
AttributeTable unsignedAttributes = signer.getUnsignedAttributes();
ASN1EncodableVector vector = new ASN1EncodableVector();
if (unsignedAttributes != null) {
vector = unsignedAttributes.toASN1EncodableVector();
}
byte[] token = tsaClient.getTimeStampToken(signer.getSignature());
ASN1ObjectIdentifier oid = PKCSObjectIdentifiers.id_aa_signatureTimeStampToken;
ASN1Encodable signatureTimeStamp = new Attribute(oid, new DERSet(ASN1Primitive.fromByteArray(token)));
vector.add(signatureTimeStamp);
Attributes signedAttributes = new Attributes(vector);
SignerInformation newSigner = SignerInformation.replaceUnsignedAttributes(signer,
new AttributeTable(signedAttributes));
return newSigner;
}
示例14: addSigningTimeAttribute
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
private void addSigningTimeAttribute(final CAdESSignatureParameters parameters, final ASN1EncodableVector signedAttributes) {
if (!padesUsage) {
/*
* In PAdES, we don't include the signing time : ETSI TS 102 778-3 V1.2.1 (2010-07): 4.5.3 signing-time
* Attribute
*/
final Date signingDate = parameters.bLevel().getSigningDate();
if (signingDate != null) {
final DERSet attrValues = new DERSet(new Time(signingDate));
final Attribute attribute = new Attribute(pkcs_9_at_signingTime, attrValues);
signedAttributes.add(attribute);
}
}
}
示例15: addCommitmentType
import org.bouncycastle.asn1.DERSet; //导入依赖的package包/类
/**
* ETSI TS 101 733 V2.2.1 (2013-04)
*
* 5.11.1 commitment-type-indication Attribute
* There may be situations where a signer wants to explicitly indicate to a verifier that by signing the data, it
* illustrates a
* type of commitment on behalf of the signer. The commitment-type-indication attribute conveys such
* information.
*
* @param parameters
* @param signedAttributes
*/
private void addCommitmentType(final CAdESSignatureParameters parameters, final ASN1EncodableVector signedAttributes) {
// TODO (19/08/2014): commitmentTypeQualifier is not implemented
final BLevelParameters bLevelParameters = parameters.bLevel();
final List<String> commitmentTypeIndications = bLevelParameters.getCommitmentTypeIndications();
if (Utils.isCollectionNotEmpty(commitmentTypeIndications)) {
final int size = commitmentTypeIndications.size();
ASN1Encodable[] asn1Encodables = new ASN1Encodable[size];
for (int ii = 0; ii < size; ii++) {
final String commitmentTypeId = commitmentTypeIndications.get(ii);
final ASN1ObjectIdentifier objectIdentifier = new ASN1ObjectIdentifier(commitmentTypeId);
// final CommitmentTypeIndication commitmentTypeIndication = new
// CommitmentTypeIndication(objectIdentifier);
// final ASN1Primitive asn1Primitive = commitmentTypeIndication.toASN1Primitive();
asn1Encodables[ii] = new DERSequence(objectIdentifier);
}
final DERSet attrValues = new DERSet(asn1Encodables);
final Attribute attribute = new Attribute(id_aa_ets_commitmentType, attrValues);
signedAttributes.add(attribute);
}
}